summaryrefslogtreecommitdiffstats
path: root/kopete/protocols/jabber/libiris/qca/src/tqca.cpp
diff options
context:
space:
mode:
Diffstat (limited to 'kopete/protocols/jabber/libiris/qca/src/tqca.cpp')
-rw-r--r--kopete/protocols/jabber/libiris/qca/src/tqca.cpp1481
1 files changed, 0 insertions, 1481 deletions
diff --git a/kopete/protocols/jabber/libiris/qca/src/tqca.cpp b/kopete/protocols/jabber/libiris/qca/src/tqca.cpp
deleted file mode 100644
index a4e8ab11..00000000
--- a/kopete/protocols/jabber/libiris/qca/src/tqca.cpp
+++ /dev/null
@@ -1,1481 +0,0 @@
-/*
- * tqca.cpp - TQt Cryptographic Architecture
- * Copyright (C) 2003 Justin Karneges
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2.1 of the License, or (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this library; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
- *
- */
-
-#include "tqca.h"
-
-#include <tqptrlist.h>
-#include <tqdir.h>
-#include <tqfileinfo.h>
-#include <tqstringlist.h>
-#include <tqlibrary.h>
-#include <tqtimer.h>
-#include <tqhostaddress.h>
-#include <tqapplication.h>
-#include <tqguardedptr.h>
-#include <stdlib.h>
-#include "tqcaprovider.h"
-
-#if defined(Q_OS_WIN32)
-#define PLUGIN_EXT "dll"
-#elif defined(Q_OS_MAC)
-#define PLUGIN_EXT "dylib"
-#else
-#define PLUGIN_EXT "so"
-#endif
-
-using namespace TQCA;
-
-class ProviderItem
-{
-public:
- TQCAProvider *p;
- TQString fname;
-
- static ProviderItem *load(const TQString &fname)
- {
- TQLibrary *lib = new TQLibrary(fname);
- if(!lib->load()) {
- delete lib;
- return 0;
- }
- void *s = lib->resolve("createProvider");
- if(!s) {
- delete lib;
- return 0;
- }
- TQCAProvider *(*createProvider)() = (TQCAProvider *(*)())s;
- TQCAProvider *p = createProvider();
- if(!p) {
- delete lib;
- return 0;
- }
- ProviderItem *i = new ProviderItem(lib, p);
- i->fname = fname;
- return i;
- }
-
- static ProviderItem *fromClass(TQCAProvider *p)
- {
- ProviderItem *i = new ProviderItem(0, p);
- return i;
- }
-
- ~ProviderItem()
- {
- delete p;
- delete lib;
- }
-
- void ensureInit()
- {
- if(init_done)
- return;
- init_done = true;
- p->init();
- }
-
-private:
- TQLibrary *lib;
- bool init_done;
-
- ProviderItem(TQLibrary *_lib, TQCAProvider *_p)
- {
- lib = _lib;
- p = _p;
- init_done = false;
- }
-};
-
-static TQPtrList<ProviderItem> providerList;
-static bool qca_init = false;
-
-static bool plugin_have(const TQString &fname)
-{
- TQPtrListIterator<ProviderItem> it(providerList);
- for(ProviderItem *i; (i = it.current()); ++it) {
- if(i->fname == fname)
- return true;
- }
- return false;
-}
-
-static void plugin_scan()
-{
- TQStringList dirs = TQApplication::libraryPaths();
- for(TQStringList::ConstIterator it = dirs.begin(); it != dirs.end(); ++it) {
- TQDir libpath(*it);
- TQDir dir(libpath.filePath("crypto"));
- if(!dir.exists())
- continue;
-
- TQStringList list = dir.entryList();
- for(TQStringList::ConstIterator it = list.begin(); it != list.end(); ++it) {
- TQFileInfo fi(dir.filePath(*it));
- if(fi.isDir())
- continue;
- if(fi.extension() != PLUGIN_EXT)
- continue;
- TQString fname = fi.filePath();
-
- // don't load the same plugin again!
- if(plugin_have(fname))
- continue;
- //printf("f=[%s]\n", fname.latin1());
-
- ProviderItem *i = ProviderItem::load(fname);
- if(!i)
- continue;
- if(i->p->qcaVersion() != TQCA_PLUGIN_VERSION) {
- delete i;
- continue;
- }
-
- providerList.append(i);
- }
- }
-}
-
-static void plugin_addClass(TQCAProvider *p)
-{
- ProviderItem *i = ProviderItem::fromClass(p);
- providerList.prepend(i);
-}
-
-static void plugin_unloadall()
-{
- providerList.clear();
-}
-
-static int plugin_caps()
-{
- int caps = 0;
- TQPtrListIterator<ProviderItem> it(providerList);
- for(ProviderItem *i; (i = it.current()); ++it)
- caps |= i->p->capabilities();
- return caps;
-}
-
-TQString TQCA::arrayToHex(const TQByteArray &a)
-{
- TQString out;
- for(int n = 0; n < (int)a.size(); ++n) {
- TQString str;
- str.sprintf("%02x", (uchar)a[n]);
- out.append(str);
- }
- return out;
-}
-
-TQByteArray TQCA::hexToArray(const TQString &str)
-{
- TQByteArray out(str.length() / 2);
- int at = 0;
- for(int n = 0; n + 1 < (int)str.length(); n += 2) {
- uchar a = str[n];
- uchar b = str[n+1];
- uchar c = ((a & 0x0f) << 4) + (b & 0x0f);
- out[at++] = c;
- }
- return out;
-}
-
-void TQCA::init()
-{
- if(qca_init)
- return;
- qca_init = true;
- providerList.setAutoDelete(true);
-}
-
-bool TQCA::isSupported(int capabilities)
-{
- init();
-
- int caps = plugin_caps();
- if(caps & capabilities)
- return true;
-
- // ok, try scanning for new stuff
- plugin_scan();
- caps = plugin_caps();
- if(caps & capabilities)
- return true;
-
- return false;
-}
-
-void TQCA::insertProvider(TQCAProvider *p)
-{
- plugin_addClass(p);
-}
-
-void TQCA::unloadAllPlugins()
-{
- plugin_unloadall();
-}
-
-static void *getContext(int cap)
-{
- init();
-
- // this call will also trip a scan for new plugins if needed
- if(!TQCA::isSupported(cap))
- return 0;
-
- TQPtrListIterator<ProviderItem> it(providerList);
- for(ProviderItem *i; (i = it.current()); ++it) {
- if(i->p->capabilities() & cap) {
- i->ensureInit();
- return i->p->context(cap);
- }
- }
- return 0;
-}
-
-
-//----------------------------------------------------------------------------
-// Hash
-//----------------------------------------------------------------------------
-class Hash::Private
-{
-public:
- Private()
- {
- c = 0;
- }
-
- ~Private()
- {
- delete c;
- }
-
- void reset()
- {
- c->reset();
- }
-
- TQCA_HashContext *c;
-};
-
-Hash::Hash(TQCA_HashContext *c)
-{
- d = new Private;
- d->c = c;
-}
-
-Hash::Hash(const Hash &from)
-{
- d = new Private;
- *this = from;
-}
-
-Hash & Hash::operator=(const Hash &from)
-{
- delete d->c;
- d->c = from.d->c->clone();
- return *this;
-}
-
-Hash::~Hash()
-{
- delete d;
-}
-
-void Hash::clear()
-{
- d->reset();
-}
-
-void Hash::update(const TQByteArray &a)
-{
- d->c->update(a.data(), a.size());
-}
-
-TQByteArray Hash::final()
-{
- TQByteArray buf;
- d->c->final(&buf);
- return buf;
-}
-
-
-//----------------------------------------------------------------------------
-// Cipher
-//----------------------------------------------------------------------------
-class Cipher::Private
-{
-public:
- Private()
- {
- c = 0;
- }
-
- ~Private()
- {
- delete c;
- }
-
- void reset()
- {
- dir = Encrypt;
- key.resize(0);
- iv.resize(0);
- err = false;
- }
-
- TQCA_CipherContext *c;
- int dir;
- int mode;
- TQByteArray key, iv;
- bool err;
-};
-
-Cipher::Cipher(TQCA_CipherContext *c, int dir, int mode, const TQByteArray &key, const TQByteArray &iv, bool pad)
-{
- d = new Private;
- d->c = c;
- reset(dir, mode, key, iv, pad);
-}
-
-Cipher::Cipher(const Cipher &from)
-{
- d = new Private;
- *this = from;
-}
-
-Cipher & Cipher::operator=(const Cipher &from)
-{
- delete d->c;
- d->c = from.d->c->clone();
- d->dir = from.d->dir;
- d->mode = from.d->mode;
- d->key = from.d->key.copy();
- d->iv = from.d->iv.copy();
- d->err = from.d->err;
- return *this;
-}
-
-Cipher::~Cipher()
-{
- delete d;
-}
-
-TQByteArray Cipher::dyn_generateKey(int size) const
-{
- TQByteArray buf;
- if(size != -1)
- buf.resize(size);
- else
- buf.resize(d->c->keySize());
- if(!d->c->generateKey(buf.data(), size))
- return TQByteArray();
- return buf;
-}
-
-TQByteArray Cipher::dyn_generateIV() const
-{
- TQByteArray buf(d->c->blockSize());
- if(!d->c->generateIV(buf.data()))
- return TQByteArray();
- return buf;
-}
-
-void Cipher::reset(int dir, int mode, const TQByteArray &key, const TQByteArray &iv, bool pad)
-{
- d->reset();
-
- d->dir = dir;
- d->mode = mode;
- d->key = key.copy();
- d->iv = iv.copy();
- if(!d->c->setup(d->dir, d->mode, d->key.isEmpty() ? 0: d->key.data(), d->key.size(), d->iv.isEmpty() ? 0 : d->iv.data(), pad)) {
- d->err = true;
- return;
- }
-}
-
-bool Cipher::update(const TQByteArray &a)
-{
- if(d->err)
- return false;
-
- if(!a.isEmpty()) {
- if(!d->c->update(a.data(), a.size())) {
- d->err = true;
- return false;
- }
- }
- return true;
-}
-
-TQByteArray Cipher::final(bool *ok)
-{
- if(ok)
- *ok = false;
- if(d->err)
- return TQByteArray();
-
- TQByteArray out;
- if(!d->c->final(&out)) {
- d->err = true;
- return TQByteArray();
- }
- if(ok)
- *ok = true;
- return out;
-}
-
-
-//----------------------------------------------------------------------------
-// SHA1
-//----------------------------------------------------------------------------
-SHA1::SHA1()
-:Hash((TQCA_HashContext *)getContext(CAP_SHA1))
-{
-}
-
-
-//----------------------------------------------------------------------------
-// SHA256
-//----------------------------------------------------------------------------
-SHA256::SHA256()
-:Hash((TQCA_HashContext *)getContext(CAP_SHA256))
-{
-}
-
-
-//----------------------------------------------------------------------------
-// MD5
-//----------------------------------------------------------------------------
-MD5::MD5()
-:Hash((TQCA_HashContext *)getContext(CAP_MD5))
-{
-}
-
-
-//----------------------------------------------------------------------------
-// BlowFish
-//----------------------------------------------------------------------------
-BlowFish::BlowFish(int dir, int mode, const TQByteArray &key, const TQByteArray &iv, bool pad)
-:Cipher((TQCA_CipherContext *)getContext(CAP_BlowFish), dir, mode, key, iv, pad)
-{
-}
-
-
-//----------------------------------------------------------------------------
-// TripleDES
-//----------------------------------------------------------------------------
-TripleDES::TripleDES(int dir, int mode, const TQByteArray &key, const TQByteArray &iv, bool pad)
-:Cipher((TQCA_CipherContext *)getContext(CAP_TripleDES), dir, mode, key, iv, pad)
-{
-}
-
-
-//----------------------------------------------------------------------------
-// AES128
-//----------------------------------------------------------------------------
-AES128::AES128(int dir, int mode, const TQByteArray &key, const TQByteArray &iv, bool pad)
-:Cipher((TQCA_CipherContext *)getContext(CAP_AES128), dir, mode, key, iv, pad)
-{
-}
-
-
-//----------------------------------------------------------------------------
-// AES256
-//----------------------------------------------------------------------------
-AES256::AES256(int dir, int mode, const TQByteArray &key, const TQByteArray &iv, bool pad)
-:Cipher((TQCA_CipherContext *)getContext(CAP_AES256), dir, mode, key, iv, pad)
-{
-}
-
-
-//----------------------------------------------------------------------------
-// RSAKey
-//----------------------------------------------------------------------------
-class RSAKey::Private
-{
-public:
- Private()
- {
- c = 0;
- }
-
- ~Private()
- {
- delete c;
- }
-
- TQCA_RSAKeyContext *c;
-};
-
-RSAKey::RSAKey()
-{
- d = new Private;
- d->c = (TQCA_RSAKeyContext *)getContext(CAP_RSA);
-}
-
-RSAKey::RSAKey(const RSAKey &from)
-{
- d = new Private;
- *this = from;
-}
-
-RSAKey & RSAKey::operator=(const RSAKey &from)
-{
- delete d->c;
- d->c = from.d->c->clone();
- return *this;
-}
-
-RSAKey::~RSAKey()
-{
- delete d;
-}
-
-bool RSAKey::isNull() const
-{
- return d->c->isNull();
-}
-
-bool RSAKey::havePublic() const
-{
- return d->c->havePublic();
-}
-
-bool RSAKey::havePrivate() const
-{
- return d->c->havePrivate();
-}
-
-TQByteArray RSAKey::toDER(bool publicOnly) const
-{
- TQByteArray out;
- if(!d->c->toDER(&out, publicOnly))
- return TQByteArray();
- return out;
-}
-
-bool RSAKey::fromDER(const TQByteArray &a)
-{
- return d->c->createFromDER(a.data(), a.size());
-}
-
-TQString RSAKey::toPEM(bool publicOnly) const
-{
- TQByteArray out;
- if(!d->c->toPEM(&out, publicOnly))
- return TQByteArray();
-
- TQCString cs;
- cs.resize(out.size()+1);
- memcpy(cs.data(), out.data(), out.size());
- return TQString::fromLatin1(cs);
-}
-
-bool RSAKey::fromPEM(const TQString &str)
-{
- TQCString cs = str.latin1();
- TQByteArray a(cs.length());
- memcpy(a.data(), cs.data(), a.size());
- return d->c->createFromPEM(a.data(), a.size());
-}
-
-bool RSAKey::fromNative(void *p)
-{
- return d->c->createFromNative(p);
-}
-
-bool RSAKey::encrypt(const TQByteArray &a, TQByteArray *b, bool oaep) const
-{
- TQByteArray out;
- if(!d->c->encrypt(a, &out, oaep))
- return false;
- *b = out;
- return true;
-}
-
-bool RSAKey::decrypt(const TQByteArray &a, TQByteArray *b, bool oaep) const
-{
- TQByteArray out;
- if(!d->c->decrypt(a, &out, oaep))
- return false;
- *b = out;
- return true;
-}
-
-bool RSAKey::generate(unsigned int bits)
-{
- return d->c->generate(bits);
-}
-
-
-//----------------------------------------------------------------------------
-// RSA
-//----------------------------------------------------------------------------
-RSA::RSA()
-{
-}
-
-RSA::~RSA()
-{
-}
-
-RSAKey RSA::key() const
-{
- return v_key;
-}
-
-void RSA::setKey(const RSAKey &k)
-{
- v_key = k;
-}
-
-bool RSA::encrypt(const TQByteArray &a, TQByteArray *b, bool oaep) const
-{
- if(v_key.isNull())
- return false;
- return v_key.encrypt(a, b, oaep);
-}
-
-bool RSA::decrypt(const TQByteArray &a, TQByteArray *b, bool oaep) const
-{
- if(v_key.isNull())
- return false;
- return v_key.decrypt(a, b, oaep);
-}
-
-RSAKey RSA::generateKey(unsigned int bits)
-{
- RSAKey k;
- k.generate(bits);
- return k;
-}
-
-
-//----------------------------------------------------------------------------
-// Cert
-//----------------------------------------------------------------------------
-class Cert::Private
-{
-public:
- Private()
- {
- c = 0;
- }
-
- ~Private()
- {
- delete c;
- }
-
- TQCA_CertContext *c;
-};
-
-Cert::Cert()
-{
- d = new Private;
- d->c = (TQCA_CertContext *)getContext(CAP_X509);
-}
-
-Cert::Cert(const Cert &from)
-{
- d = new Private;
- *this = from;
-}
-
-Cert & Cert::operator=(const Cert &from)
-{
- delete d->c;
- d->c = from.d->c->clone();
- return *this;
-}
-
-Cert::~Cert()
-{
- delete d;
-}
-
-void Cert::fromContext(TQCA_CertContext *ctx)
-{
- delete d->c;
- d->c = ctx;
-}
-
-bool Cert::isNull() const
-{
- return d->c->isNull();
-}
-
-TQString Cert::commonName() const
-{
- CertProperties props = subject();
- return props["CN"];
-}
-
-TQString Cert::serialNumber() const
-{
- return d->c->serialNumber();
-}
-
-TQString Cert::subjectString() const
-{
- return d->c->subjectString();
-}
-
-TQString Cert::issuerString() const
-{
- return d->c->issuerString();
-}
-
-CertProperties Cert::subject() const
-{
- TQValueList<TQCA_CertProperty> list = d->c->subject();
- CertProperties props;
- for(TQValueList<TQCA_CertProperty>::ConstIterator it = list.begin(); it != list.end(); ++it)
- props[(*it).var] = (*it).val;
- return props;
-}
-
-CertProperties Cert::issuer() const
-{
- TQValueList<TQCA_CertProperty> list = d->c->issuer();
- CertProperties props;
- for(TQValueList<TQCA_CertProperty>::ConstIterator it = list.begin(); it != list.end(); ++it)
- props[(*it).var] = (*it).val;
- return props;
-}
-
-TQDateTime Cert::notBefore() const
-{
- return d->c->notBefore();
-}
-
-TQDateTime Cert::notAfter() const
-{
- return d->c->notAfter();
-}
-
-TQByteArray Cert::toDER() const
-{
- TQByteArray out;
- if(!d->c->toDER(&out))
- return TQByteArray();
- return out;
-}
-
-bool Cert::fromDER(const TQByteArray &a)
-{
- return d->c->createFromDER(a.data(), a.size());
-}
-
-TQString Cert::toPEM() const
-{
- TQByteArray out;
- if(!d->c->toPEM(&out))
- return TQByteArray();
-
- TQCString cs;
- cs.resize(out.size()+1);
- memcpy(cs.data(), out.data(), out.size());
- return TQString::fromLatin1(cs);
-}
-
-bool Cert::fromPEM(const TQString &str)
-{
- TQCString cs = str.latin1();
- TQByteArray a(cs.length());
- memcpy(a.data(), cs.data(), a.size());
- return d->c->createFromPEM(a.data(), a.size());
-}
-
-
-//----------------------------------------------------------------------------
-// TLS
-//----------------------------------------------------------------------------
-class TLS::Private
-{
-public:
- Private()
- {
- c = (TQCA_TLSContext *)getContext(CAP_TLS);
- }
-
- ~Private()
- {
- delete c;
- }
-
- void reset()
- {
- handshaken = false;
- closing = false;
- in.resize(0);
- out.resize(0);
- from_net.resize(0);
- to_net.resize(0);
- host = "";
- hostMismatch = false;
- cert = Cert();
- bytesEncoded = 0;
- tryMore = false;
- }
-
- void appendArray(TQByteArray *a, const TQByteArray &b)
- {
- int oldsize = a->size();
- a->resize(oldsize + b.size());
- memcpy(a->data() + oldsize, b.data(), b.size());
- }
-
- Cert cert;
- TQCA_TLSContext *c;
- TQByteArray in, out, to_net, from_net;
- int bytesEncoded;
- bool tryMore;
- bool handshaken;
- TQString host;
- bool hostMismatch;
- bool closing;
-
- Cert ourCert;
- RSAKey ourKey;
- TQPtrList<TQCA_CertContext> store;
-};
-
-TLS::TLS(TQObject *parent)
-:TQObject(parent)
-{
- d = new Private;
-}
-
-TLS::~TLS()
-{
- delete d;
-}
-
-void TLS::setCertificate(const Cert &cert, const RSAKey &key)
-{
- d->ourCert = cert;
- d->ourKey = key;
-}
-
-void TLS::setCertificateStore(const TQPtrList<Cert> &store)
-{
- // convert the cert list into a context list
- d->store.clear();
- TQPtrListIterator<Cert> it(store);
- for(Cert *cert; (cert = it.current()); ++it)
- d->store.append(cert->d->c);
-}
-
-void TLS::reset()
-{
- d->reset();
-}
-
-bool TLS::startClient(const TQString &host)
-{
- d->reset();
- d->host = host;
-
- if(!d->c->startClient(d->store, *d->ourCert.d->c, *d->ourKey.d->c))
- return false;
- TQTimer::singleShot(0, this, TQT_SLOT(update()));
- return true;
-}
-
-bool TLS::startServer()
-{
- d->reset();
-
- if(!d->c->startServer(d->store, *d->ourCert.d->c, *d->ourKey.d->c))
- return false;
- TQTimer::singleShot(0, this, TQT_SLOT(update()));
- return true;
-}
-
-void TLS::close()
-{
- if(!d->handshaken || d->closing)
- return;
-
- d->closing = true;
- TQTimer::singleShot(0, this, TQT_SLOT(update()));
-}
-
-bool TLS::isHandshaken() const
-{
- return d->handshaken;
-}
-
-void TLS::write(const TQByteArray &a)
-{
- d->appendArray(&d->out, a);
- update();
-}
-
-TQByteArray TLS::read()
-{
- TQByteArray a = d->in.copy();
- d->in.resize(0);
- return a;
-}
-
-void TLS::writeIncoming(const TQByteArray &a)
-{
- d->appendArray(&d->from_net, a);
- update();
-}
-
-TQByteArray TLS::readOutgoing()
-{
- TQByteArray a = d->to_net.copy();
- d->to_net.resize(0);
- return a;
-}
-
-TQByteArray TLS::readUnprocessed()
-{
- TQByteArray a = d->from_net.copy();
- d->from_net.resize(0);
- return a;
-}
-
-const Cert & TLS::peerCertificate() const
-{
- return d->cert;
-}
-
-int TLS::certificateValidityResult() const
-{
- if(d->hostMismatch)
- return TQCA::TLS::HostMismatch;
- else
- return d->c->validityResult();
-}
-
-void TLS::update()
-{
- bool force_read = false;
- bool eof = false;
- bool done = false;
- TQGuardedPtr<TLS> self = this;
-
- if(d->closing) {
- TQByteArray a;
- int r = d->c->shutdown(d->from_net, &a);
- d->from_net.resize(0);
- if(r == TQCA_TLSContext::Error) {
- reset();
- error(ErrHandshake);
- return;
- }
- if(r == TQCA_TLSContext::Success) {
- d->from_net = d->c->unprocessed().copy();
- done = true;
- }
- d->appendArray(&d->to_net, a);
- }
- else {
- if(!d->handshaken) {
- TQByteArray a;
- int r = d->c->handshake(d->from_net, &a);
- d->from_net.resize(0);
- if(r == TQCA_TLSContext::Error) {
- reset();
- error(ErrHandshake);
- return;
- }
- d->appendArray(&d->to_net, a);
- if(r == TQCA_TLSContext::Success) {
- TQCA_CertContext *cc = d->c->peerCertificate();
- if(cc && !d->host.isEmpty() && d->c->validityResult() == TQCA::TLS::Valid) {
- if(!cc->matchesAddress(d->host))
- d->hostMismatch = true;
- }
- d->cert.fromContext(cc);
- d->handshaken = true;
- handshaken();
- if(!self)
- return;
-
- // there is a teeny tiny possibility that incoming data awaits. let us get it.
- force_read = true;
- }
- }
-
- if(d->handshaken) {
- if(!d->out.isEmpty() || d->tryMore) {
- d->tryMore = false;
- TQByteArray a;
- int enc;
- bool more = false;
- bool ok = d->c->encode(d->out, &a, &enc);
- eof = d->c->eof();
- if(ok && enc < (int)d->out.size())
- more = true;
- d->out.resize(0);
- if(!eof) {
- if(!ok) {
- reset();
- error(ErrCrypt);
- return;
- }
- d->bytesEncoded += enc;
- if(more)
- d->tryMore = true;
- d->appendArray(&d->to_net, a);
- }
- }
- if(!d->from_net.isEmpty() || force_read) {
- TQByteArray a, b;
- bool ok = d->c->decode(d->from_net, &a, &b);
- eof = d->c->eof();
- d->from_net.resize(0);
- if(!ok) {
- reset();
- error(ErrCrypt);
- return;
- }
- d->appendArray(&d->in, a);
- d->appendArray(&d->to_net, b);
- }
-
- if(!d->in.isEmpty()) {
- readyRead();
- if(!self)
- return;
- }
- }
- }
-
- if(!d->to_net.isEmpty()) {
- int bytes = d->bytesEncoded;
- d->bytesEncoded = 0;
- readyReadOutgoing(bytes);
- if(!self)
- return;
- }
-
- if(eof) {
- close();
- if(!self)
- return;
- return;
- }
-
- if(d->closing && done) {
- reset();
- closed();
- }
-}
-
-
-//----------------------------------------------------------------------------
-// SASL
-//----------------------------------------------------------------------------
-TQString saslappname = "qca";
-class SASL::Private
-{
-public:
- Private()
- {
- c = (TQCA_SASLContext *)getContext(CAP_SASL);
- }
-
- ~Private()
- {
- delete c;
- }
-
- void setSecurityProps()
- {
- c->setSecurityProps(noPlain, noActive, noDict, noAnon, reqForward, reqCreds, reqMutual, ssfmin, ssfmax, ext_authid, ext_ssf);
- }
-
- // security opts
- bool noPlain, noActive, noDict, noAnon, reqForward, reqCreds, reqMutual;
- int ssfmin, ssfmax;
- TQString ext_authid;
- int ext_ssf;
-
- bool tried;
- TQCA_SASLContext *c;
- TQHostAddress localAddr, remoteAddr;
- int localPort, remotePort;
- TQByteArray stepData;
- bool allowCSF;
- bool first, server;
-
- TQByteArray inbuf, outbuf;
-};
-
-SASL::SASL(TQObject *parent)
-:TQObject(parent)
-{
- d = new Private;
- reset();
-}
-
-SASL::~SASL()
-{
- delete d;
-}
-
-void SASL::setAppName(const TQString &name)
-{
- saslappname = name;
-}
-
-void SASL::reset()
-{
- d->localPort = -1;
- d->remotePort = -1;
-
- d->noPlain = false;
- d->noActive = false;
- d->noDict = false;
- d->noAnon = false;
- d->reqForward = false;
- d->reqCreds = false;
- d->reqMutual = false;
- d->ssfmin = 0;
- d->ssfmax = 0;
- d->ext_authid = "";
- d->ext_ssf = 0;
-
- d->inbuf.resize(0);
- d->outbuf.resize(0);
-
- d->c->reset();
-}
-
-int SASL::errorCondition() const
-{
- return d->c->errorCond();
-}
-
-void SASL::setAllowPlain(bool b)
-{
- d->noPlain = !b;
-}
-
-void SASL::setAllowAnonymous(bool b)
-{
- d->noAnon = !b;
-}
-
-void SASL::setAllowActiveVulnerable(bool b)
-{
- d->noActive = !b;
-}
-
-void SASL::setAllowDictionaryVulnerable(bool b)
-{
- d->noDict = !b;
-}
-
-void SASL::setRequireForwardSecrecy(bool b)
-{
- d->reqForward = b;
-}
-
-void SASL::setRequirePassCredentials(bool b)
-{
- d->reqCreds = b;
-}
-
-void SASL::setRequireMutualAuth(bool b)
-{
- d->reqMutual = b;
-}
-
-void SASL::setMinimumSSF(int x)
-{
- d->ssfmin = x;
-}
-
-void SASL::setMaximumSSF(int x)
-{
- d->ssfmax = x;
-}
-
-void SASL::setExternalAuthID(const TQString &authid)
-{
- d->ext_authid = authid;
-}
-
-void SASL::setExternalSSF(int x)
-{
- d->ext_ssf = x;
-}
-
-void SASL::setLocalAddr(const TQHostAddress &addr, TQ_UINT16 port)
-{
- d->localAddr = addr;
- d->localPort = port;
-}
-
-void SASL::setRemoteAddr(const TQHostAddress &addr, TQ_UINT16 port)
-{
- d->remoteAddr = addr;
- d->remotePort = port;
-}
-
-bool SASL::startClient(const TQString &service, const TQString &host, const TQStringList &mechlist, bool allowClientSendFirst)
-{
- TQCA_SASLHostPort la, ra;
- if(d->localPort != -1) {
- la.addr = d->localAddr;
- la.port = d->localPort;
- }
- if(d->remotePort != -1) {
- ra.addr = d->remoteAddr;
- ra.port = d->remotePort;
- }
-
- d->allowCSF = allowClientSendFirst;
- d->c->setCoreProps(service, host, d->localPort != -1 ? &la : 0, d->remotePort != -1 ? &ra : 0);
- d->setSecurityProps();
-
- if(!d->c->clientStart(mechlist))
- return false;
- d->first = true;
- d->server = false;
- d->tried = false;
- TQTimer::singleShot(0, this, TQT_SLOT(tryAgain()));
- return true;
-}
-
-bool SASL::startServer(const TQString &service, const TQString &host, const TQString &realm, TQStringList *mechlist)
-{
- TQCA_SASLHostPort la, ra;
- if(d->localPort != -1) {
- la.addr = d->localAddr;
- la.port = d->localPort;
- }
- if(d->remotePort != -1) {
- ra.addr = d->remoteAddr;
- ra.port = d->remotePort;
- }
-
- d->c->setCoreProps(service, host, d->localPort != -1 ? &la : 0, d->remotePort != -1 ? &ra : 0);
- d->setSecurityProps();
-
- if(!d->c->serverStart(realm, mechlist, saslappname))
- return false;
- d->first = true;
- d->server = true;
- d->tried = false;
- return true;
-}
-
-void SASL::putServerFirstStep(const TQString &mech)
-{
- int r = d->c->serverFirstStep(mech, 0);
- handleServerFirstStep(r);
-}
-
-void SASL::putServerFirstStep(const TQString &mech, const TQByteArray &clientInit)
-{
- int r = d->c->serverFirstStep(mech, &clientInit);
- handleServerFirstStep(r);
-}
-
-void SASL::handleServerFirstStep(int r)
-{
- if(r == TQCA_SASLContext::Success)
- authenticated();
- else if(r == TQCA_SASLContext::Continue)
- nextStep(d->c->result());
- else if(r == TQCA_SASLContext::AuthCheck)
- tryAgain();
- else
- error(ErrAuth);
-}
-
-void SASL::putStep(const TQByteArray &stepData)
-{
- d->stepData = stepData.copy();
- tryAgain();
-}
-
-void SASL::setUsername(const TQString &user)
-{
- d->c->setClientParams(&user, 0, 0, 0);
-}
-
-void SASL::setAuthzid(const TQString &authzid)
-{
- d->c->setClientParams(0, &authzid, 0, 0);
-}
-
-void SASL::setPassword(const TQString &pass)
-{
- d->c->setClientParams(0, 0, &pass, 0);
-}
-
-void SASL::setRealm(const TQString &realm)
-{
- d->c->setClientParams(0, 0, 0, &realm);
-}
-
-void SASL::continueAfterParams()
-{
- tryAgain();
-}
-
-void SASL::continueAfterAuthCheck()
-{
- tryAgain();
-}
-
-void SASL::tryAgain()
-{
- int r;
-
- if(d->server) {
- if(!d->tried) {
- r = d->c->nextStep(d->stepData);
- d->tried = true;
- }
- else {
- r = d->c->tryAgain();
- }
-
- if(r == TQCA_SASLContext::Error) {
- error(ErrAuth);
- return;
- }
- else if(r == TQCA_SASLContext::Continue) {
- d->tried = false;
- nextStep(d->c->result());
- return;
- }
- else if(r == TQCA_SASLContext::AuthCheck) {
- authCheck(d->c->username(), d->c->authzid());
- return;
- }
- }
- else {
- if(d->first) {
- if(!d->tried) {
- r = d->c->clientFirstStep(d->allowCSF);
- d->tried = true;
- }
- else
- r = d->c->tryAgain();
-
- if(r == TQCA_SASLContext::Error) {
- error(ErrAuth);
- return;
- }
- else if(r == TQCA_SASLContext::NeedParams) {
- //d->tried = false;
- TQCA_SASLNeedParams np = d->c->clientParamsNeeded();
- needParams(np.user, np.authzid, np.pass, np.realm);
- return;
- }
-
- TQString mech = d->c->mech();
- const TQByteArray *clientInit = d->c->clientInit();
-
- d->first = false;
- d->tried = false;
- clientFirstStep(mech, clientInit);
- }
- else {
- if(!d->tried) {
- r = d->c->nextStep(d->stepData);
- d->tried = true;
- }
- else
- r = d->c->tryAgain();
-
- if(r == TQCA_SASLContext::Error) {
- error(ErrAuth);
- return;
- }
- else if(r == TQCA_SASLContext::NeedParams) {
- //d->tried = false;
- TQCA_SASLNeedParams np = d->c->clientParamsNeeded();
- needParams(np.user, np.authzid, np.pass, np.realm);
- return;
- }
- d->tried = false;
- //else if(r == TQCA_SASLContext::Continue) {
- nextStep(d->c->result());
- // return;
- //}
- }
- }
-
- if(r == TQCA_SASLContext::Success)
- authenticated();
- else if(r == TQCA_SASLContext::Error)
- error(ErrAuth);
-}
-
-int SASL::ssf() const
-{
- return d->c->security();
-}
-
-void SASL::write(const TQByteArray &a)
-{
- TQByteArray b;
- if(!d->c->encode(a, &b)) {
- error(ErrCrypt);
- return;
- }
- int oldsize = d->outbuf.size();
- d->outbuf.resize(oldsize + b.size());
- memcpy(d->outbuf.data() + oldsize, b.data(), b.size());
- readyReadOutgoing(a.size());
-}
-
-TQByteArray SASL::read()
-{
- TQByteArray a = d->inbuf.copy();
- d->inbuf.resize(0);
- return a;
-}
-
-void SASL::writeIncoming(const TQByteArray &a)
-{
- TQByteArray b;
- if(!d->c->decode(a, &b)) {
- error(ErrCrypt);
- return;
- }
- int oldsize = d->inbuf.size();
- d->inbuf.resize(oldsize + b.size());
- memcpy(d->inbuf.data() + oldsize, b.data(), b.size());
- readyRead();
-}
-
-TQByteArray SASL::readOutgoing()
-{
- TQByteArray a = d->outbuf.copy();
- d->outbuf.resize(0);
- return a;
-}
-
-#include "tqca.moc"